fsebugoutzone.org:9999

       Post A5RT4krYxfbM096PY0 by mesh4545@fosstodon.org
 (DIR) More posts by mesh4545@fosstodon.org
 (DIR) Post #A5RT4krYxfbM096PY0 by mesh4545@fosstodon.org
       2021-03-21T17:32:22Z
       
       0 likes, 0 repeats
       
       Can someone tell me the difference between #vpn over tor and #tor over vpn? And what&#39;s the benefit of doing this?#askfediverse #askfedi
       
 (DIR) Post #A5RT4lI9MorvKbXdzM by brandon@fosstodon.org
       2021-03-21T17:47:43Z
       
       1 likes, 0 repeats
       
       @mesh4545 Depends who you&#39;d like to hide your identity from, really.VPN over Tor means you&#39;re hiding identity from VPN, Tor over VPN means you&#39;re hiding your true location from the Tor network.A little more complex than this but that&#39;s kinda what it boils down to from a privacy perspective. I couldn&#39;t tell you which is better
       
 (DIR) Post #A5UmG7u1ADBj2NYVNI by francks@mstdn.fr
       2021-03-23T08:06:47Z
       
       0 likes, 0 repeats
       
       @brandon @mesh4545 I am unable to tell the difference and the benefit but I read somewhere that Tor over VPN and vice versa is not the always the good choice. Techies seem to prefer the &quot;what is your need/usage&quot; approche 😊 This toot : https://freeradical.zone/@thenewoil/105916947548106826point to a online tool that could help to choose when you need #Tor and/or #VPN.
       
 (DIR) Post #A5UwPWGawlRAkWEXB2 by yojimbo@hackers.town
       2021-03-23T10:00:32Z
       
       0 likes, 0 repeats
       
       @brandon @mesh4545 What Brandon said.In both cases, your ISP knows which one you&#39;re using, because although they cannot read your actual traffic, they will know that you are talking directly to either a known VPN endpoint, or to a known TOR entry node. The only solution to that is to run your own proxy service somewhere, so that they don&#39;t know what it is doing.Once you have that proxy, the same argument applies - both the VPN service and the TOR entry node will know that IP address; it won&#39;t be your desktop machine, but depending on who hosts the service for you, it might be related to our name/account. This isn&#39;t a problem for privacy from ordinary service providers, because they don&#39;t try that hard, but is a problem for threat models with larger adversaries,  like law enforcement or nation state.In those cases, opsec is important to you, and it must be flawless. All services need to be set up and paid for via anonymous mechanisms, and you must never generate ordinary traffic that matches any aspect of your &#39;private&#39; traffic. i.e. don&#39;t even run the same search terms on the same search engines at roughly the same time ... actually, at this stage, given that you&#39;re asking questions, I&#39;d suggest that you don&#39;t attempt this sort of shell game at all. I don&#39;t think I&#39;d be able to pull it off myself, because I&#39;m not willing to forgo all the conveniences of the observed life on the Internet ...But back to ordinary usage, where you aren&#39;t hiding from your ISP. Both services hide your IP from the endpoints, as do simple proxies. If the endpoints try to reach back to you, with TOR they reach a deadend immediately, unless they&#39;re a 51% controller like the CIA probably is ... with a commercial VPN, it&#39;s a law enforcement request to turn over your details.The terms and conditions for TOR are what they say on the tin - nobody knows, nobody cares, but also nobody promises to look after you.With a VPN, some commercial providers will sell your data, some say they won&#39;t share it, and some say they&#39;re not even collecting it, and run their services in countries where ordinary law enforcement is not effective against the privacy controls.VPN is generally &#39;quick&#39;, TOR is generally &#39;slow&#39; - much slower. Mixing them together makes the total slower still, and I suspect there&#39;s a provable order to which is worse, technically. I can&#39;t see many benefits to doing this. Your own proxy first is probably going to help your privacy, and if you had that ... perhaps you don&#39;t need TOR or a VPN anyway ...
       
 (DIR) Post #A5ZqqJbmURjPNHKwJk by RTP@fosstodon.org
       2021-03-25T18:51:29Z
       
       0 likes, 0 repeats
       
       @mesh4545 Both variants commonly done wrong- this is w/#Tor project does not outright recommend.If u sign up w/a #VPN provider- they have your name, credit card, personal browsing habits/history (&#39;no logs&#39; is commonly false).If one uses VPN over Tor it negates protections of Tor as your VPN provider (and anyone watching connections on it) w/still know who you are. Tor over VPN normally better: Tor provides the real privacy protection.Unless 100% of time u register/use VPN ONLY anon w/tor